Bug 73939

Summary: [chromium] Don't crash if tile upload happens without painting first
Product: WebKit Reporter: Adrienne Walker <enne>
Component: New BugsAssignee: Adrienne Walker <enne>
Status: RESOLVED FIXED    
Severity: Normal CC: cc-bugs, enne, jamesr, reveman, vangelis, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Fix ImageLayerChromium to not do this none

Adrienne Walker
Reported 2011-12-06 11:47:14 PST
[chromium] Don't crash if tile upload happens without painting first
Attachments
Patch (1.92 KB, patch)
2011-12-06 11:51 PST, Adrienne Walker 		no flags
DetailsFormatted DiffDiff
Fix ImageLayerChromium to not do this (2.69 KB, patch)
2011-12-06 12:27 PST, Adrienne Walker 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Adrienne Walker
Comment 1 2011-12-06 11:51:01 PST
Created attachment 118084 [details] Patch
Adrienne Walker
Comment 2 2011-12-06 11:56:14 PST
See: http://code.google.com/p/chromium/issues/detail?id=105569 I think this crash is caused by a paint/upload mismatch. A layer isn't painted but is uploaded from, so its tiler isn't created. I'm not totally sure where this is happening, but that seems like a likely culprit. The proper fix is the ForEachCompositorResource functor iteration from https://bugs.webkit.org/show_bug.cgi?id=72752, but I want something small that can be backported to m17.
David Reveman
Comment 3 2011-12-06 12:09:01 PST
Looks good to me. Any idea how we end up calling updateCompositorResources() without prepareToUpdate first?
Adrienne Walker
Comment 4 2011-12-06 12:16:32 PST
(In reply to comment #3) > Looks good to me. Any idea how we end up calling updateCompositorResources() without prepareToUpdate first? I'm not totally sure, but there's two totally different code paths, so it seemed really plausible. Actually, ImageLayerChromium::paintContentsIfDirty has an early out before prepareToUpdate if the visible rect is empty. That would do it.
Adrienne Walker
Comment 5 2011-12-06 12:27:44 PST
Created attachment 118090 [details] Fix ImageLayerChromium to not do this
James Robinson
Comment 6 2011-12-06 12:31:08 PST
Comment on attachment 118090 [details] Fix ImageLayerChromium to not do this This looks safe
WebKit Review Bot
Comment 7 2011-12-06 14:26:44 PST
Comment on attachment 118090 [details] Fix ImageLayerChromium to not do this Clearing flags on attachment: 118090 Committed r102180: <http://trac.webkit.org/changeset/102180>
WebKit Review Bot
Comment 8 2011-12-06 14:26:49 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.